
INTERACTIVE REVERSE CHANNEL FOR 
DIRECT BROADCAST SATELLITE SYSTEM 

Field of the Invention 

5 This invention relates to direct broadcast satellite 

systems but more particularly to the provision of an 
interactive reverse channel for enabling communication between 
a direct broadcast satellite server and DBS subscribers, 

10 Background of the Invention 

iD Direct broadcast satellite (DBS) systems were 

designed to provide distribution of multiple television 

jjs signals (channels) to service subscribers within the footprint 

i.- rj- 

M of the DBS satellite antenna. The intention of DBS systems is 

q 15 to compete with cable television systems. Unfortunately, DBS 

L ^ systems are one way hxgh bandwidth delivery systems. They are 

I 5 3 

'*Z not designed to have a return path via the satellite to the 

! * y DBS service provider, although such a return channel is very 

desirable. The unavailability of a return channel between DBS 
20 service subscribers and DBS service providers have resulted in 
two . shortcomings of DBS systems. One is that DBS providers 
have a major problem in providing feedback of audience 
watching habits. Second, DBS systems are prone to signal 
security breaches and thus suffer from piracy of the signals. 
25 In the first instance, because of the difficulty in 

proving audiences of sufficient quantity and quality, DBS 
system providers have had difficulty in trying to gain the 
interest of major advertisers. 
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Existing audience measurement systems are based on a 
limited metering and monitoring of a small sample of 
customers, using facilities other than the equipment which 
comprises the DBS system. Such systems are often affected by 
the knowledge by the sample group that they are being 
monitored. They are also relatively expensive to implement. 

Audience measurement is an essential part of modern 
television and is the cornerstone of the business. Television 
programs are scheduled and cancelled, and advertising time is 
„10 bought and sold based on audience measurement. 

The field of television audience measurement is 
dominated today by one company - Neilsen. This company has 
dominated the field for so long and so completely many of its 
customers believe they have lost sight of their needs and it 
no longer provides timely and effective responses to the 
evolving requirements of this crucial field. The Neilsen 
ratings were developed to meet the needs of the broadcast 
industry, but today many other sectors of the television 
industry need ratings service and these other fields (cable 
and DBS) feel particularly strongly that their needs are not 
met by conventional methods as they regard the ratings 
companies as being beholden to broadcasters. 

Early in 1995, the only major competitor to Neilsen, 
Arbitron, abandoned the television ratings business and 
exacerbated the problem of a monopolistic attitude to customer 
requirements. Not only are cable and DBS operators 

dissatisfied, but so are Neilsen's prime customers - the 
broadcast networks. The broadcast networks are so 
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dissatisfied that they have initiated developing their own 
state-of-the-art ratings laboratory, and have contracted with 
Statistical Research Inc. (SRI) to implement the new lab, and 
SRI has already developed new metering devices and program 

coding devices. 

The existing ratings technologies are based on 
sampling of the audience coupled with a variety of technigues 
for measuring watching and attentiveness within the sampled 
residences. Reporting of the gathered data is performed 
monthly by telephone from each residence and data is uploaded 
for analysis. There is no form of immediate or interactive 
activity between an advertiser and the television audience. 
This final point has become very significant as the Internet 
C has blossomed, and businesses who use the Internet can see 

3 15 that in that environment they can get immediate response and 
ll interactivity. Hence they know guickly if the money that they 

n are spending on Internet advertising is cost-effective. As a 

0 result of this exposure to immediate and interactive 

advertising, the frustration with the limitations of 
20 conventional television advertising and audience measurement 
has become a major concern to television advertisers. 

Neilsen typically samples about 4000 residences for 
its television ratings. These sampled residences have over 
the years been provided with a variety of boxes (usually 
25 termed People Meters) on which the household residents were 
supposed to record their television viewing. It is normal 
practice to pay households who agree to accept a People Meter 
in their home. 
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People Meters typically involved pressing buttons as 
people entered or left the room containing the television. 
The use of such active methods is sporadic, and response of 
children and visitors is particularly bad. More recent 
Neilsen efforts to monitor the residents of a household has 
focused on trying to perfect a passive system based on image 
recognition. This system tries to match camera images of any 
moving object with stored images of the household members. 
The first attempts were very unsuccessful due to problems such 
as low room lighting. This problem is being overcome by 
flooding the room with invisible light for the purpose, but 
even so the image matching is poor. If it is ever made to 
work satisfactorily, its major improvement will be to replace 
active systems with a passive one. However, television 
broadcasters are already saying in effect this is too little 
too late - they want real time interactive systems. In 
addition, major privacy concerns have surfaced with this new 
and invasive technique. 

As indicated previously, the other shortcoming to 
DBS systems is with regards to signal security. 

Satellite television systems to date have suffered 
major problems due to piracy of the signals. These problems 
have been well documented in the media. 

At present DBS security systems are based on 
25 encryption of the transmitted television signals which are 
decrypted in the individual clients set-top boxes. Data 
transmitted with the broadcast signal is used in the process 
of enabling set-top decryption for specific channels or 
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events. The set-top box accepts a smart card inserted by the 
user, records the viewing of specific events and compiles a 
usage record which is reported to the DBS service provider 
approximately once a month by means of an automatic dial-out 
over the POTs network, or by means of a polling call to the 
client set-top box by the DBS service provider. 

In a typical existing DBS system, the video signal 
is encrypted at the sending office with a private key. The 
receiver, at the subscriber premises, receives this encrypted 
signal together with an indicator of where to look on the 
smart card for a means of determining the private key with 
which to decrypt the signal, so that viewing is possible. 

The private key itself is not sent from the sending 
office. Only an indicator of how to determine the key, based 
on algorithms and random numbers already stored on the 
subscriber's smart card, is transmitted from the sending 

office over the DBS system. 

The smart card serves the function of authenticating 
the user. This is not an interactive process - mere 
possession of the card is sufficient authentication. The card 
will only operate in the individual subscriber's set-top box. 
in addition, it accepts an -indicator'' to the decryption key, 
which when combined with part of the contents of the smart 
card enables the smart card to determine the decryption key. 
Thus, the establishing of the decryption key is based on the 
match between the set-top box and the smart card, the receipt 
of the "indicator" from the sending office, and the algorithms 
and data contained within the smart card. 


For example, the key could be based on one or more 
random numbers. In a simple system, the sending office would 
look up a random number from a previously existing table. It 
would use this random number as the key with which it would 
encrypt the video signal. It would transmit the encrypted 
signal, together with a pointer to the receiver. The pointer 
is the indicator which the receiver uses to locate the same 
random number from the same table used at the sending office, 
only in this case the table is contained within the smart 
card. Once it has located the random number, it can then use 
this random number to decrypt the video signal. 

The foregoing is a very simple version of what 
happens, but the principles are correct. To increase 
security, the key is changed every few seconds, and more than 
one random number may be used to construct the key, plus the 
random numbers may not be directly, but may be subjected to an 
algorithm which computes the actual key to be used. 

Despite the technical complexity of the foregoing 
techniques, and the sophisticated technology of the smart card 
which has been designed to prevent any breaching of its 
security mechanisms by reverse engineering and duplicating the 
smart card, existing DBS security arrangements have been 
compromised several times and on a massive scale. 

Accordingly, a need exists for a solution which can 
overcome the aforementioned problems for DBS systems. 

In particular, a need exists for a system and method 
of providing a reverse channel to enable interactive 
communication between a DBS subscriber and DBS service 
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provider. The addition of an interactive return channel 
overcomes the problems associated with existing audience 
measurement systems as well as the problems associated with 
existing DBS signal security techniques. 

Although a return channel can be provided at 
present, it requires the use of a leased line from a telephone 
company to each of the DBS subscriber stations. A lease line 
provides an expensive return channel and is generally 
impractical because of the cost. It has accordingly not been 
considered as a valid approach for universal use. 


S umm ary of the invention 

It is therefore an object of the present invention 
to provide a low-cost return channel between DBS subscriber 
stations and a DBS service provider and which is capable of 
U carrying interactive communication. 

Another object of the present invention is to 
provide a system and method of providing a low-cost return 
channel which can be set up to provide a full-time interactive 
communication channel between a DBS subscriber station and a 

DBS service provider. 

Yet another object of the present invention is to 
provide a system and method of providing an interactive 
communication channel between DBS subscriber stations and DBS 
service providers over a communication path established over 

the Internet network. 

According to a first aspect of the present 
invention, there is provided a method of providing an 
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interactive communication channel over the internet between a 
provider of Direct Broadcast Services (DBS) and DBS 
subscribers, comprising: 

connecting- a DBS subscriber station to a first 
Internet interface having a first Internet Protocol (IP) 
address; 

connecting a DBS server to a second Internet 
interface having a second Internet Protocol address; 

providing a communication path between said first 
Internet interface and a first Internet Service Provider (ISP) 
and between said DBS server and a second ISP; and 

establishing a communication link between said DBS 
server and said DBS subscriber station via said first and 
second ISP over the Internet network to enable the interactive 
exchange and retrieval of information between said DBS 
provider and said DBS subscriber station. 

According to another aspect of the present 
invention, there is provided a system for providing an 
interactive communication channel over the Internet between a 
provider of Direct Broadcast Services (DBS) and DBS 
subscribers, comprising: 

a DBS subscriber station for receiving and decoding 

DBS signals; 

first Internet interface means for connecting said 
DBS subscriber station to an Internet network, said first 
Internet interface means having a first Internet Protocol (IP) 
address; 
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second Internet interface means for connecting a DBS 
provider's server to said Internet network, said second 
internet interface means having a second Internet Protocol 

(IP) address; and 

communication link means between said first Internet 
interface means and said Internet network, to enable the 
interactive exchange and retrieval of information between said 
DBS server and said DBS subscriber station via said Internet 
network . 

Brief Description of the Drawings 

Fig. 1 is a diagram illustrating the basic concept 
of a prior art direct broadcast satellite system; 

Figs. 2a, 2b and 2c are illustrations of prior art 
means of defeating DBS security systems; 

Fig. 3 is a diagram illustrating the provision of a 
low-cost return channel between DBS subscriber stations and a 
DBS server according to a first embodiment of the present 
invention; 

Fig. 4a is a block diagram illustrating the means 
for providing a return channel from a DBS subscriber station 

to the Internet; and 

Fig. 4b is a diagram illustrating the main 
subsystems forming part of the Internet interface of Fig. 4a. 

Description of the Preferred Embodiments 

Referring now to Fig. 1, we have shown a diagram 
illustrating the basic concept of a prior art Direct Broadcast 
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Satellite (DBS) system. The main components of a DBS system 
include a DBS server 10 located at the service provider which 
collects a variety of channels from various sources. These 
are then coded for transmission, via a satellite dish 11, to a 
5 geostationary satellite 12. The geostationary satellite 12 
receives the video signal 13, amplifies it, and broadcasts the 
video signal over a large footprint 14. The footprint 14 is 
large enough to cover or to provide service to DBS subscribers 
located in most regions of North America. The high frequency 
^ 10 digital broadcast signal is received at a subscriber's 
5 residence 15 by means of small-size receiver dishes. The 

signal is then decoded for viewing on the subscriber's 
television set 17. The digital signal received at the 
C subscriber's residence 15 offers a higher signal-to-noise 

Q 15 ratio than a similar signal received over cable. In addition, 
2 the signal carried by a DBS service provider offers a much 

| larger selection of channels than standard cable television. 

i0 For this reason, a grey market of pirated equipment 

exists to enable the illegal reception and decoding of the 

20 broadcast signal. 

Prior to the implementation of this invention, DBS 
systems provided distribution of multiple television signals 
in a forward direction to subscribers located within the 
footprint of the DBS satellite antenna. The DBS server could 

25 send short forward messages to individual subscribers in a 
broadcast mode, by including a message for each individual 
subscriber in the signal from the DBS server, that was relayed 
through the satellite. 
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These short forward messages would include 
frequently updated encryption keys that are used by the set- 
top box in the ongoing decryption process as well as program 
schedules. As described previously, existing DBS systems use 
5 smart cards in conjunction with the decoder contained in the 
set-top box to control access to the various television 
signals received by the DBS subscribers. 

Prior to this invention, there was no method of 
economically providing a DBS reverse channel for interactive 
10 real-time communication between the DBS service provider and 
vD the DBS subscribers which would be available for the entire 

M" time that the DBS service was in use, and that could be 

m available to a widespread base of subscribers. 

f7 Figs. 2a, 2b and 2c show some of the better known 

p 15 methods of compromising existing DBS security systems. One 
U technique includes, as shown in Fig. 2a, PC programs to 

S emulate the smart card. A PC 20 connected to the decoder 

' s0 portion 21 of the DBS receiver can emulate the function of a 

smart card 22. In this technique, a card reader would be used 
20 to transfer data from the card to a PC. The PC could then be 
used in other systems where cards are not available. 

in the technique of Fig. 2b, the authorization codes 
of the smart card 23 are used to enable the decoder 21 to feed 
multiple decoders 24 and 25. 
25 Finally in the technique of Fig. 2c, the smart card 

26 is validated by emulating the receipt of valid DBS 
authorization codes. 
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The problems associated with signal piracy in DBS 
arise from the fact that the equipment installed at the 
subscriber's premises is out of control of the DBS service 
provider. Activation and validation of codes are broadcast to 
all subscriber stations which therefore makes it impossible 
for the service provider to control who is authorized to 
receive new validation codes. 

The existing DBS encryption method is a form of 
private key encryption. In a private key encryption system, 
the encryption keys are known by the sending and receiving 
equipment. Private key encryption systems are well suited for 
situations where both sender and receiver are "trusted" . 
However, as indicated previously, the problems that have been 
encountered are essentially due to the fact that the receiving 
end (i.e. the DBS subscriber residence) is not a trusted 
environment, and attacks for the purpose of signal piracy are 
launched on the receiving equipment which is host of the 

decryption process. 

Referring now to Fig. 3, we have shown a diagram 
illustrating a system according to the preferred embodiment of 
the present invention. The system and method of the present 
invention provide major enhancements to the service and 
operational capabilities of DBS systems. 

This invention adds the capabilities of the Internet 
as an interactive communication link to those of a DBS system, 
in so doing, the invention overcomes a major drawback of 
existing DBS systems which do not have a viable method of 
communicating from the subscriber to the service provider 
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continuously and in real time. By adding the Internet to the 
DBS system it is possible not only to add a reverse channel, 
but to add an interactive channel for control and real-time 
communication between the subscriber (set-top box) and the 

service provider (server) . 

The invention covers not only the integration of the 
internet with a DBS system, but also the application of this 
combined Internet/DBS system to provide all new services which 
are enabled by the synergy between the Internet and the DBS 
system, and specifically, enhanced audience metering and DBS 

signal security. 

With the system and method of the present invention, 
the DBS system elements remain the same as those presented in 
Fig. 1. However, as illustrated in Fig. 3, with the present 
invention, an interactive link is established between the DBS 
provider's server 30 and each DBS subscriber station located 
in the DBS signal's footprint 31. In particular, a subscriber 
residence 3 2 is provided with a return or interactive channel 
by means of a communication link 33 which receives and sends 
data via' the Internet network 34 to DBS server 30. The use of 
the internet network 34 enables the DBS service provider to 
provide a low-cost return channel from each of the 
subscriber's residence. The Internet network 34 can carry 
two-way data in relatively real time. Real time is used here 
to mean that the information is exchanged in response to a 
query or command from the DBS server 3 0 to the DBS subscriber 
station while the subscriber station is performing its 
intended function. Although not essential, in the preferred 


embodiment of the present invention, a full-time communication 
link 3 3 is provided between the subscriber residence 3 2 and a 
first Internet service provider 35. This full-time 

communication link can be provided by means of Asymmetrical 
Digital Subscriber Lines (ADSL) or Symmetrical Digital 
Subscriber Lines (SDSL) . A high-capacity communication link 
3 6 is set up between the DBS service provider's server 3 0 and 
a second Internet service provider 37. The DBS server 3 0 can 
communicate with individual subscriber stations by sending 
Internet packets to an Internet Protocol (IP) address 
associated with each DBS subscriber station. In this fashion, 
queries for audience measurement statistics can be retrieved 
in real time from the subscriber station, or the subscriber 
station can automatically send information at regular 
intervals, or whenever a change occurs, for example when the 
channel or other setting is changed. Similarly, public 
encryption keys can be transmitted continuously to each 
subscriber station to update their decoding algorithms. 

Referring now to Fig. 4a, we have shown a block 
diagram illustrating how a DBS subscriber station is connected 
to the Internet for providing an interactive return channel 
with a DBS service provider. As indicated previously, a 
subscriber station 40 is provided with a small-size dish 42 to 
capture a broadcast signal transmitted by a geostationary 
satellite. A processor and decoder 43 enables the decoding of 
the signal from receiver 41, processes date from the remote 
control 44, and runs software to communicate through the 
Internet interface 45, and with receiver 41. A memory 4 6 is 


used to store the decoding algorithm, software and subscriber- 
related information, including subscriber usage statistics. 
The decoded DBS signal can be viewed on the subscriber's 

television 47. 

Access to the DBS subscriber station 40 is 
accomplished by means of interface 45 which is provided with a 
communication link to an Internet service provider 48. One 
implementation of the interface 4 5 may be a standard Ethernet 
connection to the communications link terminating unit. 
Another implementation may incorporate the communications link 
terminating unit into the subscriber station, in which case no . 
user-accessible interface may exist. In one illustrated 
embodiment of the invention, the communication link is 
provided by means of Asymmetrical Digital Subscriber 
Line/ Symmetrical Digital Subscriber Line (ADSL/SDSL) Terminal 
Unit 49 providing art ADSL/SDSL link 50 to a telephone central 
office 51 and from there on to the ISP 48. In another 
illustrated embodiment of the invention, the communication 
link is comprised of a cable modem 52 connected to a cable 
television headend 53 which then provides a connection 
directly to the Internet service provider 48. 

ADSL and SDSL technologies are usable on most 
telephone lines to provide a separate full-time data path that 
is piggybacked over the line without affecting telephone 
service. At the central office 51, the data path will be 
connected to an Internet service provider th 48at has 
connectivity to the global Internet. It should be noted that 
this technology may also be applied with the data path 
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connected to a private data network or a switched video system 
rather than to an Internet provider. 

Cable modems such as shown at reference numberal 52, 
can be used with cable television systems to provide data 
5 connections between the customer's premises and the cable 
television headend. The cable television systems use coaxial 
cable drops to the home and a shared coaxial cable or hybrid 
fibre-coaxial cable infrastructure. The data connectivity is 
piggybacked on unused spectrum within the bandwidth of the 
Q 10 cable. At the headend 53 the data path is connected to an 
internet service provider. 48 that has connectivity to the 
global internet. It should be noted that this technology may 
also be applied with the data path connected to a private data 
network rather than an Internet provider. 

Referring now to Fig. 4b, we have shown a diagram 
illustrating the main components of the Internet interface 
shown in Fig. 4a. At the customer premises, the data 
signal 54 from the telephone line, cable television system or 
other interface providing full-time Internet connectivity is 
linked with one or more devices that can run Internet 
applications. The connection may be to one or more devices 
such as a DBS receiver 55, an associated set-top box, a PC, 
and/or to the television 56, depending on where the Internet 
applications capabilities are implemented. 

Whichever method of access is used, the Internet 
interface's fundamental characteristic is that it is able to 
provide IP connectivity in both directions at all times. It 
may also be possible to simulate full-time connectivity with 
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protocols for rapid set-up of an ISDN B channel initiated by 
an IP application, but this presupposes the channel cannot be 
pre-empted for other purposes such as voice calls. The cost 
implications of having separate end-to-end switched circuits 
set-up between each customer and the DBS provider suggest that 
simulating full-time IP connectivity in this way is not likely 
to be an economic solution. 

The specific application processes used for the DBS 
server and client to interact are known to those knowledgeable 
in this art and need not be described. The process and 
application software 57, under control of microprocessor 58 
would make use of the Internet TCP/IP protocols and Internet 
processes such as Telnet or File Transfer Protocol (FTP) , to 
interface the subscriber station 40 and ISP 48. 

When a subscriber interacts with the DBS in such a 
way as to require sending a message to the DBS service 
provider, or when the service provider requires data to be 
returned from the subscriber, the DBS set-top box utilizes the 
local Internet connection provided by an Internet service 
provider as is currently done today for Internet 

communication . 

The subscriber's set-top box contains an 
implementation of the client part of the DBS services 
application program, the TCP/IP protocols used by the 
Internet, as well as the network access protocols. The DBS 
application program is a program developed to specifically 
implement the functions or applications that the DBS service 
provider wishes to have available to the subscriber, e.g. pay- 


per-view service. The server part of the application would 
reside at the DBS server location. 

The application program may make use of application 
processes, such as Telnet for remote terminal emulation, or 
FTP for file transfer if, say, a file of usage data was to be 
returned to the DBS service provider. 

The application program interfaces with the TCP 
and/or UDP protocols, usually via an Application Programming 
Interface (API) . The TCP and UDP protocols provide a means 
whereby two processes can carry on a dialogue. Logical 
connections, called sessions, are handled by the TCP and 
provide reliable (error free, and in sequence) message 
interchange service between user and application processes. 

The TCP interfaces to the IP which provides network 
routing functions. The network access layer then provides the 
service required by the specific network that is used. 

The DBS service provider is connected to the 
Internet in a similar manner. The Internet itself routes and 
delivers messages from the subscriber's Internet service 
provider using normal Internet addressing and routing methods. 
Connections can be initiated from the DBS server or from the 
subscriber. In effect, the subscriber station could be 
accessed by the service provider in a way similar to accessing 
a site on the world-wide web. That is, each subscriber would 
have a "web" page of usage statistics available for retrieval 
by the service provider. Obviously, certain security 

precautions could be taken to ensure that this information is 
only available to the subscriber service provider. 
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AUDIENCE METERING 

There are two major parts to audience ratings 
measurement. The first is the monitoring of household members 
individual watching habits, e.g. the programs they watch, the 
response to commercials such as muting or leaving the room, 
turning the television on and off, muting the sound, etc. 

The second part is the timely reporting of the 
household watching events, e.g. reporting once a month of 
accumulated data, or the immediate reporting of every event as 
it happens. 

This invention can enable real-time reporting in an 
economical manner for the first time, and it can also partly 
tackle the first part of the problem as it can enable 
reporting of turning on or off of the DBS receiver, what 
channel is being watched, and if the audio is muted (i.e. any 
of the functions included in the set-top box) . 

Data collected by the users set-top boxes can be 
sent to the DBS service provider's data collection point (s) in 
real time via the Internet, or a variety of other methods, 
including on a timed basis, or when a specific amount of data 
has accumulated in the set top box. In all cases the 
reporting would be via the Internet as described previously. 
The design of the network and data collection point (s) would 
require careful consideration of peak traffic handling 
requirements, and the data reporting method would be a factor 
in this design. 
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DBS SECURITY 

The first part of this invention provides an 
interactive real-time communications channel between the DBS 
service provider and the DBS subscribers. This communications 
channel enables moving away from the delivery of decryption 
keys over the broadcast satellite that are used in the set-top 
box or smart cards, which are prone to attack. 

The existing DBS encryption methods are a form of 

private key encryption. 

The lack of a two-way communications channel between 
the server and the subscriber meant that public key encryption 
was not possible. This invention provides a duplex 

communications channel and enables the use of public key 
encryption techniques, which are better suited to non-secure 
networks such as DBS. 

Security methods such as Kerberos, disclosed in a 
paper entitled "An Authentication Service for Computer 
Networks" by B. Clifford Neuman and Theodore Ts'o, IEEE 
Communications Magazine, September 1994, are now possible with 
this invention. Kerberos, and other public key techniques are 
able to provide authentication, data integrity, data 
confidentiality, and authorisation. 

With this invention it is now possible to readily 
change the set-top box decryption algorithm, and to change 
keys based on communication over the internet. Novel 
techniques such as the use of speech recognition (voiceprints) 
and use of electronic fingerprints in place of PIN numbers 
become possible. 
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This invention is not specific to a particular 
security technique. It enables the use of security procedures 
which are dependent on an interactive real time communications 
channel, such as what is provided by the combination of the 
5 Internet with DBS. 

An example of a public key encryption technique is 
that used by Netscape Communications Corporation for Internet 
security. This technique involves the use of RSA public key 
cryptography. This document covers the use of RSA public key 
10 cryptography in a very readable and readily understood manner. 

The use of the Internet for DBS real-time duplex 
communications enables many service other than the audience 
measurement and security services. 

Additional services which are enabled by this 
15 invention include, but are not limited to:- 

DBS subscription updates and changes, 
Trouble reports, 
Service calls, 
Home shopping, 
20 Internet gateway, 

Connection to Internet multi-media services. 
The availability of an Internet connection between 
the subscribers and the DBS service provider permits the 
monitoring of user activity not previously possible. 
25 V Every DBS subscriber /can be monitored, and the DBS 

£l4ervice provider has the option to select or limit which 
subscribers are monitored. / Specifically this invention will 
permit monitoring and rep/rting of what every DBS subscriber 
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does with his receiver, includip^f- usage status (i.e. 
^receiver turned on or off^the specific channel being 
watched, which combined/^ith a database of schedule 
information will permit program popularity statistics; 
monitoring of response to specific commercials, and hence 
monitoring their effectiveness; monitoring when subscribers 
switch channels, which can be coordinated with timing of 
specific commercials or other events. 

' The statistics that will be obtainable will be of 

practical value to content providers in ensuring that they 
have and can hold the reguired audience, and hence 
substantiate audience numbers on which pricing of advertising 

time is based. 

Statistics can be obtained by designing the 
application program, referred to previously, to monitor the 
desired subscriber activities, compile individual messages 
which are communicated back to the DBS service provider in 
real time, or compile local databases within the set-top box 
which can be transferred over the Internet to the DBS service 
provider, by using FTP, for example. The result of 

implementing this invention changes the television advertising 
environment. It enables focusing advertisers on small 
specific targets, which is what advertisers want, and it 
allows pricing of advertising based on the number of responses 
to an advertisement, instead of on the number of viewers, 
since the responses to advertisements are interactive. 
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